The attack is said to be well within the reach of an average attacker and demonstrated alarming insecurities within the Hybrid Broadcast Broadband TV (HbbTV) standard, the Columbia researchers say.

HbbTV is advanced as a boon for targeted advertising as it allows the fusion of broadcast television with online content purchases to deliver catch-up TV, integrated purchasing and video on-demand.

The researchers found the attack vectors grew the more features a viewer had activated on their smart TVs and seemed limited only by the criminal imagination. Hackers could begin spamming Facebook friends and Twitter followers if those services were logged in, and even generate fake paid-content messages in a bid to phish for credit card numbers.

Boob tubes could be made to purchase DRM-protected content or dial premium phone numbers sending profits to attackers.

"People are sitting at home watching their TV and all of a sudden something starts flying up in the air - it's a drone [which] starts sending reviews to Yelp without them knowing and spam to their friends - their printer starts printing coupons," Yossi Oren of Columbia University's Network Security Lab told Forbes.

"And 12 minutes later it all stops ... and nobody can find who did this".